Approve Aternity Staff Who Can Access Your Account (Access Management)

At Aternity, we are continuously working to secure our customers’ environment and data. The Access Management system increases your visibility into Aternity staff members who can access your system.

Aternity employees, including Sales, Support and others must request an access to your account and Administrator of Aternity will approve or reject. The access can be revoked any time.
Secure access to your account by approving each request
For existing accounts, all Aternity staff access is going to be revoked. You are going to get email notifications from the Aternity Access Management system about the requests to access your account. You can view the requests in the administration screens of the Aternity console.
Approve Aternity staff access to your account
Questions Answers

How will it help secure my data?

This increases your visibility into Aternity staff who can access your system.

Once I approve a request, will the user have access to the Aternity console and REST API?

Yes. Once you’ve approved an Aternity user request, that user can access your environment both from the console and with REST API.

If you reject the request or revoke the access, the requester will not be able to access your data from the console or with REST API.

Will I be notified of any request action?

Yes. Administrator of Aternity will be notified about any change in the request. If it was approved, rejected, or revoked.

What is the expiration time for a request?

Requests can be in the Pending status up to 14 days. After that, they are removed from the Gear Icon > Users screen.

What should I do if I am out of the office and unable to approve requests?

The request is sent to all your account administrators, any administrator can approve or reject. In case you are out of the office, make sure you have an account administrator in the system who can approve or reject users.

Is there any impact on my internal account users?

No. Nothing changes for your account users; they will still be seen and managed by you in the Users tab of the Users screen.

Will Aternity staff that I am working with keep their access?

No. All Aternity staff access will be revoked; therefore, they will need to request a new access permission. Once your account is upgraded, you will be getting email notifications from the Aternity Access Management system about all requests to access your account. That way you will be able to view all requests under the Aternity User Access tab in the Users screen.

Once I approve a request, will they get access forever?

When an Aternity staff makes a request, it can be either time-limited or unlimited. You can see the requested expiration date and approve accordingly. Also, all requests that have been approved can be revoked whenever you decide.

Will the support team need to request access too?

Yes. The Aternity support team will also need to ask for an access. Once approved, they will be able to access your account.

Can I get an audit report for all Aternity employees who have access to my system?

Yes. All requests and accesses are being audited and you can view them in the Users screen or with REST API (learn more).

What kind of information will the Aternity access requests contain?

In the Users screen under the Aternity User Access tab, see all requests with the following information for each request:

User Name, Full Name, Job title, Department, Request Status, Request Date, Request Reason, Action, and Expiration.

How can I know there is an access request?

Every three days during the 14 days you will be receiving an email notification to approve or reject the request. After 14 days requests will be expired and removed from the Users screen.

For more information, please contact Aternity SaaS Administration.

Procedure

  1. Step 1 Open a browser and sign in to Aternity.
  2. Step 2 Go to the Gear Icon > Users screen.
  3. Step 3 In the Aternity Users Access tab, see all Aternity employees who asked to access your account and the status of their requests.

    Approve, reject, or revoke Aternity staff requests. Once a request is approved, you will still have the option to revoke that access at any time.

    Field Description
    Type

    Displays the type of a user who requested an access:

    • LocalUser refers to a user which you defined locally inside Aternity.

    • SamlUser refers to a user who signed in via SSO with the SAML protocol.

    • SamlGroupUser refers to users who signed in via SSO with the SAML protocol and were not explicitly defined but get their roles from an SSO Group they belong to.

    Name

    Displays the name of an Aternity employee who requested an access to the customer account.

    Full Name

    Displays the first and the last name of a user who requested an access to the account.

    Job Title

    Displays the job title of the Aternity employee who requested an access to the account.

    Department

    Displays the name of the department to which the Aternity employee belongs.

    Status

    Displays a status of the request (approved/rejected/revoked).

    Request Date

    Displays the date when the request was sent.

    Request Reason

    Displays a reason for the request.

    Actions

    Displays the action that the account administrator can perform or already performed (approved/rejected/revoked the access request).

    Details

    Displays the details of a request, including user's name, email, account ID, and the request status.

    Expiration

    Displays the time when access to the account will expire.

    You can also view this data in the ATERNITY_USERS_ACCESS REST API. Learn more.

  4. Step 4 To view the usernames and groups who have access to sign in to Aternity, select the Gear Icon > Users. Learn more.